The widespread growth of open wireless hot spots has made it very easy for
network attackers to carry out man-in-the-middle attacks and impersonate web
sites. End-to-end security between a user’s web browser and web sites is ever
more needed to allow meaningful enforcement of the same-origin policy on the web
browser platform. Although HTTPS can be used to prevent such attacks, its
universal adoption by web sites is hindered by its performance cost and its
inability to be cached at intermediate servers (such as CDN servers and cache
proxies) while maintaining end-to-end security. With significant and increasing
amount of web content being cacheable, HTTPS is not the complete answer to an
end-to-end secure web.

In this paper, we observe that only end-to-end authentication and integrity
are required for the browser platform to meaningfully enforce the same-origin
policy. Without end-to-end confidentiality, content can be cached. In light of
this observation, we propose a new protocol, HTTPi, which offers only end-to-end
authentication and integrity. HTTPi works seamlessly with and benefits from the
existing web caching infrastructure. It performs content signing while preserving
progressive content loading supported by browsers. Because content signing can be
done offline, HTTPi incurs negligible overhead over HTTP. We advocate that sites
use HTTPS for requests that require end-to-end confidentiality, and HTTPi for all
other requests. Our prototype and evaluation experience show that HTTPi is
practical for adoption.